I'd like to point out that the problem is more than just academic. One of the latest versions of Drupal "installs" such invalid serialized strings in the database, perhaps due to some misconceptions about character encodings (i.e. when an UTF-8-encoded string gets serialized using a different encoding, strings lengths may differ later on). In any case I recommend fixing the issue.

I'd also like to mention again that I recently reported another issue in connection with serialize()/unserialize() (0003307) that you might want to solve right away in the course of anyways touching serialize() and unserialize().